<?php

if(isset($_POST['login']) AND isset($_POST['pass']))
{
	$login = $core->db->real_escape_string($_POST['login']);
	$pass = $core->db->real_escape_string($_POST['pass']);
		
	$result = $core->db->selectOne("SELECT * FROM users WHERE login='$login' AND pass=MD5('$pass')");
	
	if(count($result) > 0)
	{
		$token = uniqid();
		setcookie('account', $token, time()+3600);
		
		$core->db->update('users', array('token' => $token), "id=$result->id");
		
		header("Location: home.html");
	}
}

$core->tpl->assign('siteTitle', 'Logowanie');
$core->tpl->display("login.tpl");
?>